DresOS - An Open Source Security Organization

Welcome to DresOS

Hello, we are DresOS, an open source organization dedicated to enhancing security and development for Android devices, Linux machines, apps, and bots. Our mission is to provide privacy focused, secure and innovative tools that empower users in a digital world.

Click the tabs above to explore our work.

What we do

DresOS Android - A complete guide to build your own fully private, deGoogled Android system using TWRP, Magisk, microG, and the full DresOS defensive app suite
Magisk Modules - Automating the DresOS Android build process one module at a time. Current releases: DresOS WebView v2.2.0, DresOS microG v3.0.1. Next module in development: Permissions Hardener (dresosperms).
DresOS: The Defensive Security Distro - Our upcoming Linux defensive security distribution, coming late 2026
Open Source Tools - Kali Linux tools, Telegram bots, Android utilities, all on GitHub

Support DresOS

DresOS is built by a small open source team in our spare time. Every Magisk module, every guide, and every bug fix is unpaid work. If our tools help you, drop a tip in the jar.

Funds go directly to test devices for module compatibility (Pixel, Samsung, Motorola, OnePlus, Xiaomi), bot hosting, domain renewals, and developer time on the next module.

☕ Donate on Ko-fi

Updates

June 23, 2026 - DresSecureComms, the DresOS Secure Communications App

DresOS now has its own secure communications app. DresSecureComms is a single, FOSS, fully de-Googled app that brings private messaging, calling, contacts, link threat-scanning, photo metadata wiping, and location spoofing together in one place, built and signed by DresOS with no Google services and no trackers.

It can be set as your default SMS and phone app. Messaging is a private offline SMS client with optional per-message AES-256-GCM encryption, readable only by another DresSecureComms user who shares the key. The dialer is a full default phone app with its own in-call screen - mute, speaker, keypad, hold, add call - plus a deletable call history and caller ID and spam screening. Contacts live in an encrypted on-device vault with add, edit, and import. Threat Scan checks any link against VirusTotal and returns a clear safe, suspicious, or dangerous verdict. There is also a photo metadata wiper, a geo spoofer for mock locations, an app lock, and an app-wide block-screenshots mode.

In the DresOS Android system it consolidates several separate tools into one app, taking over URL Check, the Fossify Phone, Messages, and Contacts apps, and Fake Traveler. A future update will extend its scanning engine to media, files, APKs, and ZIPs, taking over the Hypatia role; that engine is under wraps for now.

Source and releases: github.com/DresOperatingSystems/DresSecureComms.

June 19, 2026 - The Biggest DresOS Update Yet

This is one of the largest coordinated updates DresOS has shipped. The whole system WebView path is now DresOS's own from source to signature, microG gained an automatic update pipeline, and the entire DresOS Android guide and security architecture were rewritten to match. Here is everything in one place.

DresOS WebView - our own system WebView engine. DresOS now ships its own system WebView. DresOS WebView is a Chromium engine built from Cromite (Chromium 145.0.7632.120), with Google services and telemetry stripped and Cromite's privacy and security hardening throughout. It replaces the previous third party WebView engine entirely. Where that engine was someone else's build, DresOS WebView is our own, signed with the DresOS release key, so the whole WebView path is under DresOS end to end.

It installs the same proven way as before: the signed APK is placed in the systemless tree at system/product/app/ via Magisk magic mount, a static RRO adds the package plus the DresOS certificate to config_webview_packages, and service.sh promotes it to the active provider with cmd webviewupdate set-webview-implementation after boot complete, verified via dumpsys. The post-fs-data bootloop sentinel and the inert mode fallback carry over, so a failed activation can never bootloop the device, and removing the module restores the stock WebView. Flashing it over the previous WebView module updates in place, with nothing to uninstall first.

The engine is also published on its own as a standalone signed APK, DresOS WebView v1.0.0, with IzzyOnDroid and Obtainium support, so it can be installed and kept up to date independently of the module.

DresOS microG v3.0.1 - now self-updating. The DresOS microG module has been bumped to v3.0.1. A weekly GitHub Actions pipeline now pulls the latest officially signed microG core (GmsCore, Companion, GsfProxy) straight from the official microG F-Droid repo and auto-bumps the module whenever upstream changes, so microG stays current without a manual rebuild. The bundled APKs and the install logic are unchanged, and it remains the same bootloop-safe pure file overlay with ROM-provided signature spoofing.

The guide and security architecture, rewritten end to end. The full DresOS Android Defensive Security guide, the SECURITY_ARCHITECTURE diagram, and the system changelog were all updated to the new WebView engine and microG v3.0.1. Step 7, the Part 3 app suite, the What You Will Need table, the Replacement Overview, and the Layer 5 WebView diagram now describe DresOS WebView and org.dresos.webview throughout.

Requirements (WebView module): Magisk 29.0 or newer, Android 10 through 16, arm64. After flashing, verify with adb shell dumpsys webviewupdate; the active provider should be org.dresos.webview.

We rely on community testing. If you flash any of this and something breaks, please open a bug report at github.com/DresOperatingSystems/DresOS-Magisk-Modules/issues with device model, Android version, ROM, root provider, and the logs at /data/adb/modules/dresoswv/logs/.

June 5, 2026 - DresOS microG v3.0.0 Released

The DresOS microG Magisk module has been rebuilt from the ground up and released as v3.0.0, replacing the v2.0.0 design entirely. v3.0.0 is a pure file overlay: no Zygisk payload, no Xposed or LSPosed dependency, and no boot-time PackageManager work, which means it physically cannot bootloop the device and it coexists cleanly with the DresOS WebView module.

It ships the officially signed microG suite as privileged system apps under product: GmsCore 0.3.15, Companion (FakeStore at com.android.vending), GsfProxy, DroidGuard Helper, Aurora Store, and Aurora Services, with a privapp permissions allowlist generated from the bundled manifests.

Signature spoofing is now provided by the ROM rather than by the module. Because the bundled microG APKs carry the official microG key, any ROM with microG signature spoofing support spoofs them automatically once they are placed in priv-app. There is no bundled hook and no Xposed framework on any ABI.

Aurora Services now lands as a priv-app with its own permissions allowlist, so silent prompt-free installs through Aurora Store work without the standard Android installer prompt for every app. This resolves the v2.0.0 Aurora Privileged Extension issue. ROMs that already ship an upstream signed microG (CalyxOS, LineageOS for microG, iodeOS, /e/OS) are autodetected by cert match and their copy is preserved. GrapheneOS is hard refused.

The DresOS Android guide has been updated end to end: Step 5, Step 6, the What You Will Need table, and the SECURITY_ARCHITECTURE.md Layer 8 entry all reflect v3.0.0. The guide also gained an Aves Libre gallery, the Stratum offline 2FA app, the Tuta Calendar encrypted calendar, and a one-tap DresOS HeliBoard design, and every download link was audited to a stable form.

Watch the full system running on a Motorola Moto g32 on the DresOS Android demo video.

We rely on community testing. If you flash v3.0.0 and something breaks, please open a bug report at github.com/DresOperatingSystems/DresOS-Magisk-Modules/issues with device model, Android version, ROM, root provider, the output of the Action button on the module, and the logs at /data/adb/modules/dresosmicrog/logs/.

May 25, 2026 - DresOS microG v2.0.0 Released

The DresOS microG Magisk module has been released as v2.0.0. It replaced the older manual microG plus signature-spoofing-framework setup in the DresOS Android guide with a single flash.

The module stages the full microG suite as systemless privileged apps: microG GmsCore 0.3.7.250932, microG Companion (FakeStore at com.android.vending), microG GsfProxy, microG DroidGuard Helper, plus Aurora Store as a user app. APKs and matching privapp permissions XML land in the same partition (system/product/priv-app on API 28 plus, system/priv-app on API 26 and 27), satisfying Android 11 plus same partition enforcement.

Signature spoofing is bundled as a Zygisk hook scoped to the microG process only. On arm64 and x86_64 LSPosed is no longer required. On armeabi-v7a, armeabi, x86, or riscv64 the bundled hook does not ship a prebuilt and LSPosed plus FakeGApps remains the fallback.

Cert identity is verified post boot by reading the X.509 SHA-256 that PackageManager itself computes via cmd package dump, not by hashing META-INF/*.RSA blobs which legitimately vary between build environments. ROMs that already ship a working upstream signed microG (CalyxOS, LineageOS for microG, iodeOS, /e/OS) are autodetected by cert match and their copy is preserved; only the Aurora components are staged on those ROMs. GrapheneOS is hard refused because GrapheneOS deliberately blocks signature spoofing and ships its own Sandboxed Google Play.

Debloat moved off systemless overlay markers onto runtime pm disable-user, persisted in /data/system/users/0/package-restrictions.xml. This ends the Android 14 plus boot loop class where overlaying a priv-app directory hid the ART OAT cache. Uninstalling the module re enables every package the module disabled.

The bootloop sentinel is per component: a strike for the Zygisk hook only disables Zygisk on the next boot, a strike for the priv-app overlay only disables the overlay, a strike for the debloat pass only disables debloat. The rest of the module keeps running.

Known issue in v2.0.0: the Aurora Privileged Extension (com.aurora.services) does not always land as a system priv app on every device. Aurora Store itself works fine. The silent install path through Aurora Services is the affected piece, which means you will see the standard Android installer prompt for each Aurora Store install. This was resolved in the v3.0.0 rebuild.

The DresOS Android guide has been updated end to end. Step 5 (Install Magisk Modules), Step 6 (Set Up microG), the SECURITY_ARCHITECTURE.md Layer 8 entry, the What You Will Need table, and the Magisk Modules Roadmap all reflect the new module.

With microG out the door, work begins next on the Permissions Hardener module (dresosperms). It will revoke dangerous permissions from system apps at flash time. Updates posted in this tab as development progresses.

We rely on community testing. If you flash v2.0.0 and something breaks, please open a bug report at github.com/DresOperatingSystems/DresOS-Magisk-Modules/issues with device model, Android version, ROM, root provider, the output of the Action button on the module, and the three logs at /data/adb/modules/dresosmicrog/logs/.

May 12, 2026 - First Official Website Update: DresEcoVerse Archived

The DresEcoVerse has been officially closed down. We now maintain this actively updated website where all our resources, guides, and announcements can be found in one place. This is easier for everyone to navigate and keeps everything centralized.

With our focus now on the already released DresOS Magisk Modules for our Android Defensive Security System build, and with the full app list included directly in the DresOS Android guide, there is no longer a need for the EcoVerse as a separate hub.

Important: The only official DresOS presence on Telegram now is our bot @DresosIbot. Always check this website for link authenticity and official announcements.

April 30, 2026 - Keep Android Open

Hello and we have a massive favour for you guys all open source organisations like ours need your help to keep the android world open, the world of android is starting to Look bleak but with your help we can keep the fight against google going, to find out how you can help and do your part please check the links below and lets keep the struggle going

https://keepandroidopen.org/open-letter/

https://keepandroidopen.org/

DresOS: The Defensive Security Distro

Coming late 2026.

Check the Updates tab for progress announcements and devlogs.

Magisk Modules Live

We are building Magisk modules to automate the DresOS Android build process step by step. Each module replaces a block of manual steps with a single flash in Magisk. The goal is a complete automated DresOS build.

Due to Google's restrictions on app development and firmware swaps, we shut down all ongoing app projects including DresSecureComms. We redirected everything into Magisk modules instead. This lets us bypass many of Google's restrictions while continuing the fight against data mining, data selling, and surveillance.

Module Repository

GitHub Repo

Released Modules

dresoswv v2.2.0

DresOS WebView

Replaces Android's system WebView with DresOS WebView, a Chromium engine built from Cromite with Google services and telemetry stripped and Cromite's privacy and security hardening throughout. The system WebView is the browser engine used internally by hundreds of apps whenever they render web content. Google's version phones home on every render. This module replaces it in a single Magisk flash with DresOS's own engine, signed with the DresOS release key.

How it works: a static RRO is placed in the systemless overlay partition to add DresOS WebView plus the DresOS signing certificate to config_webview_packages, the DresOS WebView APK is dropped into the systemless system tree via Magisk magic mount, and after boot complete service.sh runs cmd webviewupdate set-webview-implementation to promote it to the active provider. Activation is verified via dumpsys. Two layers of bootloop safety sit on top: a post-fs-data sentinel that auto-disables the module if a previous boot crashed, and an inert mode flag that prevents retry storms on activation failure.

Confirmed working devices:

Motorola Moto g32 on LineageOS Android 16

Requirements: Magisk 29.0 or newer, Android 10 through 16, arm64.

The engine is also available on its own as a standalone signed APK with IzzyOnDroid and Obtainium support.

After flashing: reboot, then verify with adb shell dumpsys webviewupdate. The active provider should be org.dresos.webview.

Download Source

dresosmicrog v3.0.1

DresOS microG

Systemless microG suite as a single Magisk flash. Replaces Google Play Services without Google's proprietary code or servers. Ships the officially signed microG GmsCore 0.3.15, microG Companion (FakeStore at com.android.vending), microG GsfProxy, microG DroidGuard Helper, Aurora Store, and Aurora Services as privileged system apps under product, with a privapp permissions allowlist generated from the bundled manifests.

v3.0.1 keeps the same bootloop-safe pure file overlay design: no Zygisk payload, no Xposed or LSPosed dependency, and no boot-time PackageManager work. It physically cannot bootloop the device and it coexists cleanly with the DresOS WebView module. New in v3.0.1, a weekly GitHub Actions pipeline pulls the latest officially signed microG core from the official microG F-Droid repo and auto-bumps the module when upstream changes; the bundled APKs and install logic are unchanged. Signature spoofing is provided by the ROM, not the module: because the bundled microG APKs carry the official microG key, any ROM with microG signature spoofing support spoofs them automatically once they are placed in priv-app.

Aurora Services lands as a priv-app with its own permissions allowlist, so silent prompt-free installs through Aurora Store work without the standard Android installer prompt for every app. Cert identity is verified post boot via cmd package dump reading the X.509 SHA-256 that PackageManager itself computes.

ROMs that already ship a working upstream signed microG (CalyxOS, LineageOS for microG, iodeOS, /e/OS) are autodetected by cert match and the ROM's copy is preserved. GrapheneOS is hard refused.

Requirements: Magisk, KernelSU, or APatch. Android 8.0 through 16. Any ABI. Signature spoofing is provided by the ROM, so no Zygisk or Xposed framework is required.

Download Source

Planned Modules

dresosperms In active development

Permissions Hardener

Revokes dangerous permissions from system apps at flash time. Next module on the roadmap.

dresosdebloat Planned

DresOS System Debloater

Systemlessly removes core Google apps and system bloat in one flash.

dresosafwall Planned

AFWall+ Bootstrap

Pre-configured iptables default-deny firewall rules ready to go after one flash.

dresosoverlay Planned

Privacy Overlay

Disables telemetry flags, advertising IDs, and unwanted sensors at system level.

dresosfossify Planned

Fossify Suite Installer

Installs the Fossify app suite as system apps - Phone, Messages, Gallery, Calendar, Launcher, Contacts, Music.

dresosheliboard Planned

HeliBoard System Keyboard

Installs HeliBoard as the default system keyboard, replacing Gboard entirely.

Stay tuned, stay private, and keep building. - The DresOS Team

DresOS Android

We originally wanted to release our own system but due to all these new cyber laws and the pressure Google is putting on firmware swaps we just could never release it. So we hope our project can bring our organisation back to its core values and release an idea we had once in a different light.

The DresOS Android project has been fully merged into a single comprehensive guide. The old two-repo method (Android-Degoogling and Android-opsec) is now combined into one unified system with a full app suite, security architecture document, and changelog.

Watch the System in Action

A full walkthrough of a DresOS Android 16 device on a Motorola Moto g32, with every layer of the stack running.

Build Your DresOS Android System

Follow the unified guide below. It covers everything from unlocking the bootloader and flashing Magisk, to the full OPSEC stack with InviZible Pro, AFWall+, and the complete DresOS defensive app suite.

Full Guide Security Architecture Changelog

What the System Includes

Part 1 - DeGoogling - Full root method: TWRP, Magisk, DresOS microG module, DresOS WebView via Magisk module, Shizuku, system debloat, FOSS app replacements
Part 2 - Operational Security - InviZible Pro proxy and root mode (Tor + I2P + DNSCrypt), AFWall+ kernel firewall, Tuta Mail with Duck Address email setup, GPS spoofing via Fake Traveler
Part 3 - DresOS Defensive App Suite - 19 apps fully documented with setup, features, and usage instructions

DresOS Defensive App Suite

DresSecureComms The DresOS secure communications app. Private SMS with optional AES-256 encryption, a full default dialer with in-call controls and call history, caller ID and spam screening, an encrypted contacts vault, VirusTotal link scanning, photo metadata wiping, and a geo spoofer. No Google services, built and signed by DresOS. Replaces URL Check, Fossify Phone, Messages and Contacts, and Fake Traveler. GitHub

Amaze File Manager Open source file manager with built-in AES-256 encryption, biometric lock, root explorer, and APK management. Replaces Fossify Files and ZArchiver Pro. F-Droid

IYPS Password strength analyser and generator. Completely offline, zero data collection. Download APK

RedReader Secure, modded Reddit client with no ads or tracking. F-Droid

URL Check Scans any link for IP loggers, malware, and phishing before you open it. Strips tracking parameters automatically. F-Droid

Hypatia Open source antivirus and malware scanner powered by ClamAV. Scans APKs, files, and apps before installation. Download APK

OONI Probe Network measurement tool that detects censorship and surveillance on your connection. F-Droid

InviZible Pro Tor + I2P + DNSCrypt in proxy and root mode. Runs alongside DuckDuckGo App Tracking Protection without VPN slot conflicts. F-Droid

Metrolist Privacy focused, modded YouTube Music client. Ad-free, background playback, no Google tracking. Download APK

Arcane Chat Fully decentralized, end-to-end encrypted messaging built on the Delta Chat protocol over standard email infrastructure. Download APK

Aves Libre Open source gallery and photo and video manager. Local metadata, map and tag organisation, no cloud, no trackers. Replaces Fossify Gallery and Google Photos. F-Droid

Stratum Open source offline two-factor authenticator. TOTP and HOTP, encrypted backups, single permission, no internet access. Replaces Google Authenticator and Authy. Download

Tuta Calendar End-to-end encrypted calendar that syncs across devices through your Tuta account. Zero-knowledge, no Google Calendar. F-Droid

How This System Protects You

Removes all Google services and tracking from the device
Replaces system WebView with DresOS WebView via Magisk module - Cromite-based hardened Chromium
Routes all traffic through Tor via InviZible Pro proxy and root mode
Encrypts all DNS queries via DNSCrypt enforced at kernel level via iptables
Blocks in-app trackers via DuckDuckGo App Tracking Protection
Kernel-level firewall via AFWall+ with per-app rules and mobile data proxy redirect
AES-256 file encryption via Amaze File Manager with biometric lock
Scans every link before opening via URL Check
Scans every APK before installing via Hypatia (ClamAV signatures)
End-to-end encrypted email via Tuta Mail with Duck Address aliases so your real address is never exposed
GPS spoofing via Fake Traveler
MAC address randomisation per Wi-Fi network

Wallpapers

Click each image to open it full size, then save.

Open Source License

The DresOS Android guide and all associated documentation is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0).

You are free to share, copy, redistribute, adapt, remix, transform, and build upon the material for non-commercial purposes, as long as you give appropriate credit to DresOS, provide a link to the license, and release any modifications under the same license.

Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International
CC BY-NC-SA 4.0

Copyright (C) 2026 DresOperatingSystems
https://dresoperatingsystems.github.io
https://github.com/DresOperatingSystems

You are free to:
  • Share - copy and redistribute the material in any medium or format
  • Adapt - remix, transform, and build upon the material

Under the following terms:
  • Attribution - Give appropriate credit, provide a link to the license, 
    and indicate if changes were made.
  • NonCommercial - You may not use the material for commercial purposes.
  • ShareAlike - If you remix, transform, or build upon the material, 
    you must distribute your contributions under the same license.

Full license text: https://creativecommons.org/licenses/by-nc-sa/4.0/legalcode

GitHub Projects

DresOS Android

DresOS-The-Android-Defensive-Security-System - The complete unified DresOS Android guide: DeGoogling, OPSEC stack, Magisk modules, defensive app suite, security architecture, and changelog. (8 stars)
DresOS-Magisk-Modules - Magisk modules automating the DresOS build. Current releases: DresOS WebView v2.2.0 and DresOS microG v3.0.1; Permissions Hardener (dresosperms) in development. (Shell, 7 stars)
Android-Degoogling - The original rooted degoogling guide, now merged into the unified DresOS guide. (Archived, 7 stars)
Android-opsec - The original on-device OPSEC guide, now merged into the unified DresOS guide. (Archived, 3 stars)

Kali Linux

Third-Party-Kali-Nethunter-Build - Our third-party NetHunter build. (Python, 8 stars)
kali-linux-private-network-setup - Set up Kali Linux as a private, encrypted server for your home or business network. (1 star)

Bots

Dresmodbot - Security-hardened Telegram moderation bot with DuckDuckGo web search. (Python, 1 star)
Dresguardian - Privacy-first Telegram group management bot with built-in AI and DuckDuckGo search. (Archived, Python, 1 star)
DresAntiRaidBot - Telegram bot protecting groups and channels from spam, raids, and suspected alt accounts. (Archived, Python, 1 star)

Other Projects

DresTermuxAI - AI assistant for Termux with coding-assistant abilities. (Python, 4 stars)
DresSecureComms - Secure communications app. (Kotlin)
Docker-android - A Docker-like environment on mobile, for advanced users. (3 stars)
Motorola-moto-g32-recovery-mode - Recovery-mode guide for the Moto G32. (Archived, 2 stars)

Terms of Service

By engaging with DresOS, our projects, services, or communities, you agree to the following terms:

We abide by the rules and guidelines of all platforms we use (Telegram, GitHub, F-Droid). Users must also comply with these platform specific rules when interacting with our content or communities.
Anyone who uses our DresOS Android section must follow the rules and terms of each individual application listed.
If our DresOS Android guide is used unethically or illegally, we take zero responsibility and are not liable for any consequences.
Zero tolerance for racism, violence, and CSAM content. Any such behavior will result in potential reporting to authorities.
Treat our bot with care and respect. Do not abuse, spam, or misuse him in any way.
For feedback or bug reports, please contact us using the options in the Contact tab.
If you email or message us for support, it must be related to our organization, projects, or services. Unrelated inquiries may not receive a response.
Be kind and respectful to others in all our communities, forum threads and open bug reports. Harassment, bullying, or disruptive behavior will not be tolerated.

These terms are subject to change. Continued use of our services implies acceptance of the latest version.

Contact Us

Reach us through any of the channels below. For support requests, please make sure your message is related to our organization, projects, or services.

✉

General enquiries, bug reports, and project feedback.

Email Us

💬

Telegram Bot

Message DresAI directly for quick support and questions.

@DresosIbot

🔒

Encrypted Contact

Send Encrypted

Response times vary. We are a small open source team and handle all support in our free time. We will always get back to you on project related questions.